Y
Hacker News
new
|
ask
|
show
|
jobs
by
foretoldfeline
317 days ago
GNU Shepherd itself doesn't implement sandboxing, but you can use the least-authority-wrapper to do namespaces. There are other tools to do more comphrensive sandboxing, which Shepherd can use, e.g. nsjail.
least-authority-wrapper:
https://codeberg.org/guix/guix/src/commit/e3fbaeee1386fd447f...
1 comments
lynx97
317 days ago
Uoh, nsjail ha? The namespace for project names seems exhausted. No germans on the dev team, ey?
link
foretoldfeline
316 days ago
https://github.com/google/nsjail
link
kwk1
316 days ago
What is the problematic connotation for 'nsjail' in German?
link
1oooqooq
315 days ago
refer to a kind of jail by a political party that killed a few million people around the 40s
link
lynx97
314 days ago
The Nazis party was called National Socialists... And they had a number of horrific jails.
link